Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/x67BAH05GxxdfcWHDulfZ8-_lwE.roa
File: x67BAH05GxxdfcWHDulfZ8-_lwE.roa (raw, json)
Hash identifier: BbVMEm/Y0D5ud9kEw6//s6KdOTcO4BKFVwtrtu4cQvs=
Subject key identifier: C7:AE:C1:00:7D:39:1B:1C:5D:7D:C5:87:0E:E9:5F:67:CF:BF:97:01
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018BF6884E027B699741F61A6CEA111FE50F
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/x67BAH05GxxdfcWHDulfZ8-_lwE.roa
Signing time: Wed 22 Nov 2023 10:16:49 +0000
ROA not before: Wed 22 Nov 2023 10:16:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200436
IP address blocks: 5.57.32.0/24 maxlen: 24
5.57.39.0/24 maxlen: 24
185.212.49.0/24 maxlen: 24
178.239.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:88:4e:02:7b:69:97:41:f6:1a:6c:ea:11:1f:e5:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Nov 22 10:16:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7aec1007d391b1c5d7dc5870ee95f67cfbf9701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6a:14:a4:e9:ef:99:17:7b:d5:e0:c3:07:fe:
94:ed:30:2d:96:f9:b0:4c:93:76:f8:ce:98:4a:3e:
c0:ad:a9:2b:f8:11:d9:59:57:ff:d8:d1:7c:37:83:
16:12:5c:e8:41:ed:df:b5:4c:1a:34:85:61:64:f5:
06:50:be:ff:89:6c:03:f6:14:8f:31:55:38:8c:89:
7f:3f:b5:24:be:4a:6d:77:56:e7:d9:27:81:5f:4b:
85:f4:a6:38:7c:4e:9e:84:7e:4b:36:81:f7:0a:56:
30:e2:06:ab:4e:66:45:be:25:15:31:b6:aa:43:dc:
5d:29:9c:ad:c0:22:1f:13:9e:50:2f:3f:d3:77:63:
38:5e:a8:e3:68:d0:11:68:3a:de:58:b4:00:28:14:
26:b2:2f:ba:50:af:f8:54:42:98:3f:db:2d:c9:8a:
28:da:50:21:f8:b6:7d:c9:cd:d7:82:cb:67:e5:43:
8b:b1:bc:62:5b:22:6f:9e:64:01:98:34:25:9f:16:
0a:e2:ce:74:6c:eb:75:52:34:ce:97:d8:56:e7:77:
03:96:15:eb:7b:ad:a5:65:0d:77:4b:c3:f0:35:05:
4b:4c:36:62:1b:19:56:f2:8d:e6:9f:22:61:36:67:
29:fd:29:08:10:b6:f5:0c:11:a2:a5:04:c6:92:2e:
b5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:AE:C1:00:7D:39:1B:1C:5D:7D:C5:87:0E:E9:5F:67:CF:BF:97:01
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/x67BAH05GxxdfcWHDulfZ8-_lwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.32.0/24
5.57.39.0/24
178.239.154.0/24
185.212.49.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:14:b8:78:c9:11:81:bf:80:d5:5d:0c:fd:77:bf:d0:4c:71:
ed:d6:c3:42:28:e4:31:a5:d4:0f:9a:7f:d7:5c:1d:20:8c:0f:
d7:3b:e9:91:21:7e:25:1c:85:ba:c8:c1:4f:83:76:4a:66:04:
a0:c9:9e:46:ab:9f:c8:55:2e:2c:a3:ce:c1:c2:47:ba:aa:fc:
88:68:8f:f6:0b:51:a8:ea:bb:c1:1a:d4:5c:66:53:c0:fe:a0:
76:c4:cb:af:e2:c2:a0:87:fe:7e:13:70:0f:15:64:4d:c6:c4:
e0:84:b7:47:2c:eb:03:34:40:56:0a:00:b8:cb:fc:c3:39:0c:
41:b9:19:e3:47:5c:e7:98:c0:2b:90:ee:ee:64:33:59:c8:ff:
b2:97:cb:2d:b1:68:6a:ff:b1:a1:a6:28:c4:18:99:71:86:52:
20:93:45:b7:de:07:2b:03:4c:2d:59:9e:0c:bc:e3:7f:f2:fe:
6a:9a:7d:59:91:cd:76:93:2e:08:a4:61:c0:62:b1:ff:27:5f:
18:6e:a8:72:e9:f9:1c:90:20:09:62:f2:b0:e3:48:d6:27:77:
04:9a:12:56:7a:09:14:0b:e3:52:ca:af:9d:e4:77:ea:65:87:
b7:44:b8:49:ef:21:db:04:00:bc:b5:84:61:39:70:3f:64:13:
01:6f:81:d7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYv2iE4Ce2mXQfYabOoRH+UPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMxMTIyMTAxNjQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2FlYzEwMDdkMzkxYjFjNWQ3ZGM1ODcwZWU5NWY2N2NmYmY5NzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWoUpOnvmRd71eDDB/6U7TAtlvmw
TJN2+M6YSj7Arakr+BHZWVf/2NF8N4MWElzoQe3ftUwaNIVhZPUGUL7/iWwD9hSP
MVU4jIl/P7Ukvkptd1bn2SeBX0uF9KY4fE6ehH5LNoH3ClYw4garTmZFviUVMbaq
Q9xdKZytwCIfE55QLz/Td2M4XqjjaNARaDreWLQAKBQmsi+6UK/4VEKYP9styYoo
2lAh+LZ9yc3Xgstn5UOLsbxiWyJvnmQBmDQlnxYK4s50bOt1UjTOl9hW53cDlhXr
e62lZQ13S8PwNQVLTDZiGxlW8o3mnyJhNmcp/SkIELb1DBGipQTGki61TQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMeuwQB9ORscXX3Fhw7pX2fPv5cBMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEveDY3QkFIMDVHeHhkZmNXSER1bGZaOC1fbHdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABTkgAwQA
BTknAwQAsu+aAwQAudQxMA0GCSqGSIb3DQEBCwUAA4IBAQDTFLh4yRGBv4DVXQz9
d7/QTHHt1sNCKOQxpdQPmn/XXB0gjA/XO+mRIX4lHIW6yMFPg3ZKZgSgyZ5Gq5/I
VS4so87Bwke6qvyIaI/2C1Go6rvBGtRcZlPA/qB2xMuv4sKgh/5+E3APFWRNxsTg
hLdHLOsDNEBWCgC4y/zDOQxBuRnjR1znmMArkO7uZDNZyP+yl8stsWhq/7GhpijE
GJlxhlIgk0W33gcrA0wtWZ4MvON/8v5qmn1Zkc12ky4IpGHAYrH/J18Ybqhy6fkc
kCAJYvKw40jWJ3cEmhJWegkUC+NSyq+d5HfqZYe3RLhJ7yHbBAC8tYRhOXA/ZBMB
b4HX
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:49:46 2025 by rpki-client